<?php
	session_start();

	require_once("../config/config.php");
	
	// on récupére les variables POST
	$log = $_POST["login"];
	$pass = $_POST["pass"];
	
	//connexion à la base de donnée via PDO
	$db = new PDO(PDO_DSN, USER , PASSWD ) or die("échec de connexion au serveur");
	$db->exec("SET NAMES 'UTF8'");
	
	// requête SQL
	$sql = "SELECT cl_id, cl_pwd, cl_nom, cl_prenom
		FROM clients
		WHERE cl_mail = :log ;" ;
		
		
		
	$rq=$db->prepare($sql);

	$rq->bindParam(":log", $log);
	
	$rq->execute(); 

	$rq->bindColumn("cl_pwd",$pwd);
	$rq->bindColumn("cl_id",$id);
	$rq->bindColumn("cl_nom",$nom);
	$rq->bindColumn("cl_prenom",$prenom);
	
	$rq->fetchAll();
	
	//var_dump($tab);
	//var_dump($id);
	//var_dump($pwd);
	
	//on test les login et password
	if ( $pwd == $pass ){
		// identification valide
		$_SESSION["log"]=$log ;
		$_SESSION["pass"]=$pwd ;
		$_SESSION["id"]=$id ;
		$_SESSION["nom"]=$nom ;
		$_SESSION["prenom"]=$prenom ;
		header("location: ../index.php");
	}
	else {
		header("location: ../index.php");
      		//"Login ou mot de passe incorrect"
      	}
    	
?>

